Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
SourceCodester Sales and Inventory System 1.0: Unsecured Stock Updates
CVE-2026-4826
Summary
A security issue exists in SourceCodester Sales and Inventory System 1.0, which allows unauthorized access to sensitive data when updating stock levels. This could potentially lead to data breaches or system compromise. Update the system to the latest version to protect against exploitation.
Original title
A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /update_stock.php of the component HTTP GET Parameter Handler. T...
Original description
A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /update_stock.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. If you want to get best quality of vulnerability data, you may have to visit VulDB.
nvd CVSS2.0
6.5
nvd CVSS3.1
6.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 26 Mar 2026 · Updated: 26 Mar 2026 · First seen: 26 Mar 2026